|
1. when you register your sonicwall vpn upgrade at [], a unique vpn client serial number and link to download the sonicwall vpn client zip file is displayed.
the security policy is renamed to match the sa name created in the sonicwall. you can rename the security policy by highlighting new connection in the network security policy box and typing the security policy name. configuring vpn security and remote identity 1. select secure in the network security policy box on the right side of the security policy editor window. 2. select ip subnet in the id type menu. 3. enter the sonicwall lan ip address in the subnet field. 4. enter the lan subnet mask in the mask field. 5. select all in the protocol menu to permit all ip traffic through the vpn tunnel. 6. select the connect using secure gateway tunnel check box. 7. select ip address in the id type menu at the bottom of the security policy editor window. 8. enter the sonicwall wan ip address in the field below the id type menu. enter the nat public address if nat is enabled.
configuring vpn client identity to configure the vpn client identity, click my identity in the network security policy window. 1. select none from the select certificate menu. 2. select the method used to access the internet from the internet interface menu. select ppp adapter from the name menu if you have a dial-up internet connection. select the ethernet adapter if you have a dedicated cable, isdn, or dsl line.
configuring vpn client security policy 1. select security policy in the network security policy window.
2. select use manual keys in the select phase 1 negotiation mode menu. 3. click the + next to security policy, and select key exchange (phase 2). click the + next to key exchange (phase 2), and select proposal 1.
configuring vpn client key exchange proposal 1. select key exchange (phase 2) in the network security policy box. then select proposal 1 below key exchange (phase 2).
2. select unspecified in the sa life menu. 3. select none from the compression menu. 4. select the encapsulation protocol (esp) check box. 5. select des from the encryption alg menu. 6. select md5 from the hash alg menu. 7. select tunnel from the encapsulation menu. 8. leave the authentication protocol (ah) check box unselected. configuring inbound vpn client keys 1. click inbound keys. the inbound keying material box appears.
2. click enter key to define the encryption and authentication keys. 3. enter the sonicwall outgoing spi in the security parameter index field. 4. select binary in the choose key format options. 5. enter the sonicwall 16-character encryption key in the esp encryption key field. 6. enter the sonicwall 32-character authentication key in the esp authentication key field, then click ok. configuring outbound vpn client keys 1. click outbound keys. an outbound keying material box is displayed.
2. click enter key to define the encryption and authentication keys. 3. enter the sonicwall incoming spi in the security parameter index field. 4. select binary in the choose key format menu. 5. enter the sonicwall appliance 16-character encryption key in the esp encryption key field. 6. enter the sonicwall appliance 32-character authentication key in the esp authentication key field and then click ok. saving sonicwall vpn client settings select save changes in the file menu in the top left corner of the security policy editor window. verifying the vpn tunnel as active after configuring the vpn client, you can verify that a secure tunnel is active and sending data securely across the connection. you can verify the connection by verifying the type of icon displayed in the system tray near the system clock. verifying the vpn client icon in the system tray the sonicwall vpn client icon is displayed in the system tray if you are running a windows operating system. the icon changes to reflect the current status of your communication over the vpn tunnel.
(责任编辑:admin) |
